From daa00b28998af811f92aa821090f0ac2dd71f2bc Mon Sep 17 00:00:00 2001
From: Nicolas Iooss <nicolas.iooss@m4x.org>
Date: Sat, 26 May 2018 18:15:07 +0200
Subject: [PATCH] checkpolicy: destroy the class datum if it fails to
 initialize

require_class() allocate memory for its variable "class_datum_t *datum"
and calls symtab_init(&datum->permissions, PERM_SYMTAB_SIZE). If this
second call fails, datum is not freed.

Fix this memory leak.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 checkpolicy/module_compiler.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
index 155702f2..ada7cb2a 100644
--- a/checkpolicy/module_compiler.c
+++ b/checkpolicy/module_compiler.c
@@ -802,6 +802,7 @@ int require_class(int pass)
 	if ((datum = calloc(1, sizeof(*datum))) == NULL ||
 	    symtab_init(&datum->permissions, PERM_SYMTAB_SIZE)) {
 		yyerror("Out of memory!");
+		class_datum_destroy(datum);
 		return -1;
 	}
 	ret =